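<!doctype html>
<html lang="en">
<head>
	<meta charset="utf-8">
	<meta name="viewport" content="width=device-width, initial-scale=1">
	<title>widechar XSS filter test page</title>
	<script src="lib/jquery.min.2.1.4.js"></script>
</head>

<body>
<!--
	Test harness for a multibyte ("widechar") escaping issue. Each case sends the
	same shaped input to a different endpoint (/xsshtml, /xssform, /xss) and is
	labelled with the filter it expects there, so the test values in the input
	fields are intentionally part of this page. The page renders no user input
	itself; the ajax case below writes the server response into #showdata.
	ids are unique per element; the first form keeps the original ids "data" and
	"btn" so that any getElementById lookup resolves to the same element as before.
-->
<h1>widechar POC</h1>

<section>
	<h2>Form post POC | htmlEscape</h2>
	<form id="xsshtml" action="/xsshtml" method="post">
		<label for="data">input</label>
		<input id="data" type="text" name="input" value="%df%22;alert(1);//">
		<input id="btn" type="submit">
	</form>
</section>

<section>
	<h2>Form post POC | 自定义过滤器</h2>
	<form id="xssform" action="/xssform" method="post">
		<label for="data-form">input</label>
		<input id="data-form" type="text" name="input" value="%df%22;alert(1);//">
		<input id="btn-form" type="submit">
	</form>
</section>

<section>
	<h2>get poc（可能会因中间件处理异常导致问题中途被拦截）</h2>
	<div>
		<a href="/xssform?input=%df%22;alert(1);//">get test</a>
	</div>
</section>

<section>
	<h2>ajax poc</h2>
	<div>
		<!-- NOTE(review): unlike the form cases, this value carries no leading %df
		     byte (the original comment here read just "%df"); confirm that is intended. -->
		<label for="inputdata">input</label>
		<input id="inputdata" type="text" value="%22;alert(1);//">
		<!-- inline handler kept because fire() is bound by name in the page script;
		     binding it with addEventListener instead would allow a strict CSP. -->
		<input id="btn-ajax" type="button" value="go" onclick="fire()">
	</div>
</section>

<section>
	<h2>your input is:</h2>
	<!-- filled by fire() with the raw /xss response -->
	<span id="showdata"></span>
</section>

</body>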
<script type="text/javascript">

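    /**
     * Ajax PoC driver: POSTs the text in #inputdata to /xss and renders the
     * raw response body into #showdata.
     *
     * The response is written with innerHTML on purpose: this page checks
     * whether the server neutralises the payload, so the sink must stay a raw
     * HTML sink or a failing filter would go unnoticed. Do not copy this
     * pattern into application code; use textContent there.
     *
     * Uses the global jQuery `$` loaded in <head>. No return value.
     */
    function fire() {
        var inputdata = $("#inputdata").val();
        $.ajax({
            url: '/xss',
            method: 'POST',
            data: { input: inputdata },
            success: function (data) {
                if (data) {
                    // raw HTML sink — intentional, see comment above
                    document.getElementById("showdata").innerHTML = data;
                } else {
                    // empty or falsy body is reported as an error, as before
                    alert('error:' + data);
                }
            },
            // jQuery passes (jqXHR, textStatus, errorThrown); stringifying the
            // jqXHR object alone only yields "[object Object]", so report the
            // status text and HTTP status instead.
            error: function (xhr, textStatus, errorThrown) {
                alert('error:' + textStatus + ' ' + (errorThrown || xhr.status));
            }
        });
    }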
</script>
</html>